Microsoft's AZ-900 - Part 4
91. Which types of secrets can be stored in an Azure key vault?
Ans:
· Password
· PKI certificate
92. You need to ensure an Azure key vault secret is usable one week from the current data. What should you configure?
Ans: Set activation date
93. Which storage account option keeps data in sync across regions?
Ans: GRS
94. Which accountability aspect is available through the Azure Service Trust Portal?
Ans: Assigning policy compliance responsibilities
95. Which of the following statements regarding Azure Government Services is correct?
Ans: Separate Data Centers are used
96. Which set go security standard relates to cardholder data?
Ans: PCI DSS
97. Which of the following is an example of PHI?
Ans: Past medical procedures
98. Which Azure Security Center statistic provides quick insight into the overall security posture?
Ans: Overall Secure Score
99. Approved preview features are referred to as?
Ans: GA
100. How many Azure German Regions are there?
Ans: 2
101. Which statement regarding Azure SLAs is correct?
Ans: Each Azure service offering has a unique SLA
102. How can you remotely manage Azure VMs that do not have public IP addresses?
Ans:
· Jump Box
· Point-to-Site VPN
103. Which Azure CLI command shows existing Network Security Groups?
Ans: Az network nsg list
104. What is the Azure Firewall associated with when protecting Azure?
Ans: VNet Subnet
105. You have enabled just in time (JIT) access for a Windows VM, yet you still cannot connect to it using RDP. What is the most likely cause of the problem?
Ans: You have not requested to access the VM
106. Which methods can be used to install an anti malware agent through the Azure portal?
Ans:
· VM properties blade
· Azure Security Center
107. You are troubleshooting Azure Backup failures. Which of the following is the most likely reason for the failure?
Ans: Microsoft Services do not have access to the storage account
108. Which statement regarding jump boxes is correct?
Ans: It must be publicly accessible
109. Which statement regarding Azure Advanced Three Protection (ATP) is correct?
Ans: ATP licensing is automatic when you create an Azure subscription
110. You are configuring Azure Firewall Application Rules to allow outbound access to *.quick24x7.com. You have created an Azure Formal and associated it with the appropriate subnet. Which additional configuration is required?
Ans: Route Table
111. You are creating Network Security Groups and rules using PowerShell. Which strategy should you adopt?
Ans: Get -AzNetworkSecurityGroup | Add -AzNetworkSecurityRuleConfig | Set -AzNetworkSecuirtyGroup
112. Which rule controls the order of rule execution?
Ans: priority
113. Which items can a Network Security Group (NSG) associated with?
Ans:
· VM network interface
· Subnet
114. Which of the following are Azure DDoS Mitigation offerings?
Ans:
· Basic
· Standard
115. Which CLI command is used to unlock a locked azure resource group?
Ans: az lock delete -ids
116. You are writing a Powershell script that must determine if an Azure resource is locked prior to modification. Which PowerShell cmdlet should you use?
Ans: Get- AzResourceLock
117. Which two items are required when creating a new Azure AD Directory?
Ans:
· Domain Name
· Organizational Name
118. Which CLI command creates a customer Azure policy?
Ans: az role definition create --role-defintion d:\mycustomrole.json
119. Which of the following are valid reasons for locking Azure Resources?
Ans:
· Prevent detection
· Prevent Modification
120. You are creating an Azure AD group. Which of the following are valid group types?
Ans:
· Security
· Office 365
No comments:
Post a Comment